Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/0800fe-9bd2-488b-8c42-f011293953f5/1/3keU2fyrI-wF3d1QSKP8cgQAKio.mft
File: 3keU2fyrI-wF3d1QSKP8cgQAKio.mft (raw, json)
Hash identifier: FFuA0jUd4pzSp9Co8BIHRx97QH4rDxRdnzDRAmaeFVg=
Subject key identifier: 7D:22:0A:4C:02:ED:E2:C3:36:03:F1:29:CA:9A:15:86:01:91:A2:6D
Authority key identifier: DE:47:94:D9:FC:AB:23:EC:05:DD:DD:50:48:A3:FC:72:04:00:2A:2A
Certificate issuer: /CN=de4794d9fcab23ec05dddd5048a3fc7204002a2a
Certificate serial: 019923310CA072513BF8F0B6984258FA1A7C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3keU2fyrI-wF3d1QSKP8cgQAKio.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/0800fe-9bd2-488b-8c42-f011293953f5/1/3keU2fyrI-wF3d1QSKP8cgQAKio.mft
Manifest number: 0FA1
Signing time: Sun 07 Sep 2025 08:00:40 +0000
Manifest this update: Sun 07 Sep 2025 08:00:40 +0000
Manifest next update: Mon 08 Sep 2025 08:00:40 +0000
Files and hashes: 1: 3keU2fyrI-wF3d1QSKP8cgQAKio.crl (hash: l7oJaNUZ8ZIE5IhBp6g8BENNhfhSp+14nw7009VcxQ0=)
2: ZK9gU4FBN8KUQTPHGhgGaXPIWjk.roa (hash: YFHfAWvmuV1pyKRAlUfEUWxi+ZLKrTZD/d9TC0Av1JQ=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/df/0800fe-9bd2-488b-8c42-f011293953f5/1/3keU2fyrI-wF3d1QSKP8cgQAKio.crl
rsync://rpki.ripe.net/repository/DEFAULT/df/0800fe-9bd2-488b-8c42-f011293953f5/1/3keU2fyrI-wF3d1QSKP8cgQAKio.mft
rsync://rpki.ripe.net/repository/DEFAULT/3keU2fyrI-wF3d1QSKP8cgQAKio.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 08 Sep 2025 05:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:23:31:0c:a0:72:51:3b:f8:f0:b6:98:42:58:fa:1a:7c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=de4794d9fcab23ec05dddd5048a3fc7204002a2a
Validity
Not Before: Sep 7 08:00:40 2025 GMT
Not After : Sep 8 08:00:40 2025 GMT
Subject: CN=7d220a4c02ede2c33603f129ca9a15860191a26d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:e9:3e:8e:ab:35:e6:b4:0a:7b:cb:dd:88:20:
e1:9d:1f:6f:73:6e:e8:02:d3:49:e4:a3:c9:29:95:
b9:07:3a:da:6c:d0:16:ae:dd:f4:67:fa:27:79:bf:
2f:14:25:5c:91:87:c6:f9:e7:21:77:84:f7:b8:71:
e8:c5:0c:4d:5b:70:1d:95:32:97:04:b0:b2:5d:c0:
15:b9:f6:8f:bf:bf:6d:d0:42:2c:7f:fe:63:70:de:
a3:a2:c7:71:ce:ae:02:a2:8f:80:45:a0:18:43:a7:
7c:ac:40:0c:d4:75:cc:f4:5d:48:6f:1e:d0:e2:ad:
98:cc:da:e4:07:cb:c8:b8:e3:ba:e9:a7:86:26:48:
44:1b:a9:f3:90:1a:16:5b:44:a3:59:01:32:a7:c5:
82:76:2e:7c:7b:e0:7e:6b:96:7c:b5:f7:1c:6a:cb:
71:5b:3c:f4:e8:d7:56:4e:34:89:cf:c2:e0:aa:4d:
71:b0:bf:a4:a6:be:d5:e1:5f:88:fc:50:df:36:73:
35:d4:ce:26:cf:50:bc:69:62:11:45:f2:56:d7:40:
10:bd:fb:40:24:21:26:c7:1e:38:08:5f:e2:0c:98:
2c:04:7c:8c:e0:fa:0c:af:c0:99:bf:08:75:b3:9a:
40:c2:76:a0:43:e5:d1:2e:0f:1c:df:be:5b:97:94:
fa:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:22:0A:4C:02:ED:E2:C3:36:03:F1:29:CA:9A:15:86:01:91:A2:6D
X509v3 Authority Key Identifier:
keyid:DE:47:94:D9:FC:AB:23:EC:05:DD:DD:50:48:A3:FC:72:04:00:2A:2A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3keU2fyrI-wF3d1QSKP8cgQAKio.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/0800fe-9bd2-488b-8c42-f011293953f5/1/3keU2fyrI-wF3d1QSKP8cgQAKio.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/df/0800fe-9bd2-488b-8c42-f011293953f5/1/3keU2fyrI-wF3d1QSKP8cgQAKio.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
5a:a0:76:5d:24:46:f1:ca:36:ef:04:45:7e:cf:15:63:14:35:
45:ae:62:b1:50:1f:e1:5c:e5:a9:a4:a2:34:01:be:04:45:12:
44:51:b1:69:81:58:63:43:15:1f:6d:d2:bd:36:8d:2d:a3:68:
06:bf:a0:0f:aa:e3:97:ac:d0:21:df:dd:77:42:e2:07:c8:7b:
bb:08:86:5a:a6:d0:8f:5e:17:a5:90:76:39:50:01:61:cb:0b:
39:8f:6d:c4:a2:e9:da:ce:5d:11:b3:d0:fe:26:02:62:15:75:
bc:bc:5c:00:f4:53:73:31:f1:28:b2:d2:c0:a0:e4:ee:71:0b:
de:c3:9f:b2:2a:f3:88:7f:c0:4a:85:26:78:d3:d8:e4:11:c7:
d9:00:31:bc:4b:b0:1e:e3:37:6d:f7:cc:13:0c:f9:52:7c:ae:
b2:85:ff:8d:c1:6d:3a:67:b7:cc:b2:2f:cd:94:90:ac:cc:c0:
27:7e:75:25:ae:46:bf:31:cb:2b:c2:64:0e:ce:ee:15:3c:4e:
88:c9:82:e8:a7:71:47:c5:b8:89:e9:db:11:6a:42:58:58:69:
64:93:59:69:42:19:25:24:00:92:32:9e:ad:5a:9d:c0:87:f0:
7f:0a:0e:8c:a4:b9:67:3a:5f:fc:f4:82:41:c5:36:f4:c2:fb:
81:da:97:17
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkjMQygclE7+PC2mEJY+hp8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRlNDc5NGQ5ZmNhYjIzZWMwNWRkZGQ1MDQ4YTNmYzcyMDQw
MDJhMmEwHhcNMjUwOTA3MDgwMDQwWhcNMjUwOTA4MDgwMDQwWjAzMTEwLwYDVQQD
Eyg3ZDIyMGE0YzAyZWRlMmMzMzYwM2YxMjljYTlhMTU4NjAxOTFhMjZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyOk+jqs15rQKe8vdiCDhnR9vc27o
AtNJ5KPJKZW5BzrabNAWrt30Z/oneb8vFCVckYfG+echd4T3uHHoxQxNW3AdlTKX
BLCyXcAVufaPv79t0EIsf/5jcN6josdxzq4Coo+ARaAYQ6d8rEAM1HXM9F1Ibx7Q
4q2YzNrkB8vIuOO66aeGJkhEG6nzkBoWW0SjWQEyp8WCdi58e+B+a5Z8tfccastx
Wzz06NdWTjSJz8Lgqk1xsL+kpr7V4V+I/FDfNnM11M4mz1C8aWIRRfJW10AQvftA
JCEmxx44CF/iDJgsBHyM4PoMr8CZvwh1s5pAwnagQ+XRLg8c375bl5T6PQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFH0iCkwC7eLDNgPxKcqaFYYBkaJtMB8GA1UdIwQY
MBaAFN5HlNn8qyPsBd3dUEij/HIEACoqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2tlVTJmeXJJLXdGM2QxUVNLUDhjZ1FBS2lvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi8wODAwZmUtOWJkMi00ODhiLThjNDIt
ZjAxMTI5Mzk1M2Y1LzEvM2tlVTJmeXJJLXdGM2QxUVNLUDhjZ1FBS2lvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi8wODAwZmUtOWJkMi00ODhiLThjNDItZjAxMTI5Mzk1M2Y1
LzEvM2tlVTJmeXJJLXdGM2QxUVNLUDhjZ1FBS2lvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWqB2XSRG
8co27wRFfs8VYxQ1Ra5isVAf4VzlqaSiNAG+BEUSRFGxaYFYY0MVH23SvTaNLaNo
Br+gD6rjl6zQId/dd0LiB8h7uwiGWqbQj14XpZB2OVABYcsLOY9txKLp2s5dEbPQ
/iYCYhV1vLxcAPRTczHxKLLSwKDk7nEL3sOfsirziH/ASoUmeNPY5BHH2QAxvEuw
HuM3bffMEwz5UnyusoX/jcFtOme3zLIvzZSQrMzAJ351Ja5GvzHLK8JkDs7uFTxO
iMmC6KdxR8W4ienbEWpCWFhpZJNZaUIZJSQAkjKerVqdwIfwfwoOjKS5Zzpf/PSC
QcU29ML7gdqXFw==
-----END CERTIFICATE-----
Generated at Sun Sep 7 12:33:12 2025 by rpki-client